Public Consulting Group, Inc. (PCG) is a leading public sector management consulting and operations improvement firm that partners with health, education, and human services agencies to improve lives. Founded in 1986 and headquartered in Boston, Massachusetts, PCG has over 2,000 professionals in more than 50 offices across North America and in Europe. The firm has five designated practice areas with extensive experience in all 50 states, clients in six Canadian provinces, and a growing practice in Europe. Often combining resources from two or more practice areas, PCG offers clients a multidisciplinary approach to solve their challenges or pursue opportunities. To learn more, visit www.publicconsultinggroup.com.
The Information Security Operations Engineer will be part of the CISO office and work under the supervision of the Information Security Manager. The following are the highlights of the expected responsibilities.
* Design, implement, manage and operate hardware/software, such as Advanced Threat Protection (appliance/endpoint), Intrusion Prevention, Vulnerability Management, Access Control, Content Filtering, Data Loss Prevention (appliance/endpoint) and data encryption solutions, to protect sensitive information.
* Monitor the organization's network/infrastructure for indicators of compromise or compliance breach, and investigate and document any events, incidents or violation(s).
* Lead incident response, including steps to remediate or minimize impact on business infrastructure. Understanding of modern and sophisticated cyber-attacks is important.
* Coordinate and/or conduct penetration testing or simulate attacks to look for vulnerabilities in the organization's systems before they can be exploited. Conduct periodic vulnerability assessments on the infrastructure.
* Carry out the organization's way of handling security. Interface with internal business partners, peers, various external security product vendors, partners and resellers.
* Assist with and develop security standards and best practices for the organization.
* Assist and participate in on-call rotation (on-going/weekly) for any security incidents. Willing to work off-hours for maintenance and support.
* Willing to learn new technologies in the ever-changing world of cyber security. When needed, cross-train peers and other internal business partners on new technologies, processes and functions.
* Keep up to date with information technology (IT) security trends and recommend safeguards and enhancements to management.
* Create and document new processes as required.
* 5+ years of progressive experience in information security or information risk management.
* Experience with architecting and securing cloud solutions, e.g. AWS, MS Azure and Office365 (SharePoint/OneDrive/Exchange Online).
* Experience with Anti-Malware (Endpoint/Appliance), VMS, Email Security Systems, DLP (Endpoint/Appliance), Data Encryption, Antivirus, Forensic tools, Firewalls, WAF, Content/URL filtering, Threat Intelligence, CASB, SIEM (Log Analysis). This role requires hands-on experience with multiple tools.
* In-depth knowledge of multi-tier applications, infrastructure and designs, and security threat/risk/data classification.
* Experience and familiarity with industry standards NIST-800/1800, HIPAA, FERPA and various security protocols, such as PKI, SSL, Encryption, Data Redacting, DLP.
* Understanding of various systems, like MS Active Directory, MS Windows, MS Exchange, Unix/Linux OS.
* In-depth knowledge of various OS-related tools is required. Ability to understand packet captures (Wireshark/tcpdump etc.).
* Currently possess or be enrolled for information security professional certifications such as CEH, CISSP, SANS, CISA or similar.
* Team player and relationship builder, able to work with remote peers. Ability to build relationships, engage and influence others, while working with a diverse local and remote team as well as vendors.
* Ability to work independently in situations with little or no guidance, managing multiple priorities with tight deadlines.